I've been using Kaspersky for years with no problems, but they are now banned in the US. They want me to switch to their partner, UltraAV. The company that was working with Kaspersky here in the US wants me to switch to BitDefender. Any recommendations for either of these two or something else like Norton? I'd like something that offers extra protection for financial websites; banking, trading, etc.
What is wrong with McAfee?
Quote:
Top of the line effectiveness and doesn't bog down your computer resources like others do. I'd avoid Norton and McAfee like the plague.
What is wrong with McAfee?
Garbage protection, hogs system resources, lots of false-positives. It's bloatware that gets shipped with a lot of new computers. Historically a pain in the ass to remove completely.
Paid, I recommend Bitdefender, Avast and Malwarebytes.
Windows Defender is good for basic real time protection, but not as nuanced nor as comprehensive as other packages. But, if you don't need things like secure browsing, proxy/vpn, ad block, content filter, behavioral based process protection, then yes Defender does just fine at blocking file-based malware.
One tip about Defender. Usually when you install an anti-malware product ("endpoint protection" is the current term), it registers in Windows Security Center and Defender turns off. But this doesn't always work. So in that case, do check that Defender's real time scanning is turned off. You can't really remove or fully disable Defender, it's required for certain Windows core functionality, but you can be sure it is not "also" scanning files, while your current anti-malware does the same.
One other thought, anti-malware (no longer 'anti-virus') is shifting to "endpoint protection", whereby they no longer only (or at all) scan files in place, but rather scan processes that are executing, which may or may not be accessing files. So the protection becomes much broader and more comprehensive than just considering file based malware. This is especially effective for novel threats, and ones that don't involve files per-se.
Then he did the opposite, he "patched" Defender to recognize many windows processes as "malware" and basically destroyed Windows, as everything Windows did was being blocked by Defender.
That is a typical Microsoft issue. More specialized anti-malware packages from established security companies likely do not have so basic a flaw.
Norton and McAfee, avoid those under all circumstances. They are bloated overpriced underperforming products marketed toward your grandparents who don't know any better.
Sophos is solid.
Then he did the opposite, he "patched" Defender to recognize many windows processes as "malware" and basically destroyed Windows, as everything Windows did was being blocked by Defender.
That is a typical Microsoft issue. More specialized anti-malware packages from established security companies likely do not have so basic a flaw.
Norton and McAfee, avoid those under all circumstances. They are bloated overpriced underperforming products marketed toward your grandparents who don't know any better.
And Microsoft quickly patched Defender to eliminate that vulnerability. If you think the paid ones can’t be exploited you’re fooling yourself.
I have Bitdefender too and am happy with it. One tip is to keep track of the renew date and cancel right before. They gave me a big discount.
Avoid resource hogs like Norton.
It doesn’t provide any real-time protection. You can get infected, data stolen, drive wiped and it won’t do anything to stop it.
Quote:
It's Good and Free (you can pay for it)...
It doesn’t provide any real-time protection. You can get infected, data stolen, drive wiped and it won’t do anything to stop it.
Is that a fact for the pay version?
Quote:
In comment 16621437 mvftw said:
Quote:
It's Good and Free (you can pay for it)...
It doesn’t provide any real-time protection. You can get infected, data stolen, drive wiped and it won’t do anything to stop it.
Is that a fact for the pay version?
The paid version provides real-time protection. I was responding to your “good and free”.
Quote:
I watched a presentation at Black Hat last year where a researcher wrote a script that downloaded a Microsoft update for Defender, unpacked it, modified it to ignore signatures for certain malware, then "patch" Defender with that update. It worked. He then introduced that malware which was not detected, and he was able to create back door remote access, run other malicious code...
Then he did the opposite, he "patched" Defender to recognize many windows processes as "malware" and basically destroyed Windows, as everything Windows did was being blocked by Defender.
That is a typical Microsoft issue. More specialized anti-malware packages from established security companies likely do not have so basic a flaw.
Norton and McAfee, avoid those under all circumstances. They are bloated overpriced underperforming products marketed toward your grandparents who don't know any better.
And Microsoft quickly patched Defender to eliminate that vulnerability. If you think the paid ones can’t be exploited you’re fooling yourself.
Yes, they did. I believe they patched it before the presentation was given. Did you see that presentation as well? If I remember correctly, the researcher described a few similar ways to manipulate Defender and that it would be hard to block them all, unless MS changes how it packages and delivers updates. He claimed, think I recall, that his technique was still valid, just need to tweak it a bit to get around the specific fix that MS engineered.
I am not so naive as to believe that paid solutions from dedicated security vendors can't be exploited, what I said was they wouldn't have flaws that basic. In my experience, Microsoft products (which I use and support daily, so I'm not anti-MS) due to their complexity and legacy support, have tons of flaws, often basic ones. 3rd party security applications have their flaws, but relatively few, and generally not both basic (easily exploitable) and critical (severe consequences).